;

17-0627 Tuesday “Daily Bugle”

17-0627 Tuesday “Daily Bugle”

Tuesday, 27 June 2017

TOPThe Daily Bugle is a free daily newsletter from Full Circle Compliance, containing changes to export/import regulations (ATF, Customs, NISPOM, EAR, FACR/OFAC, FTR/AES, HTSUS, and ITAR), plus news and events. Subscribe 
here
for free subscription.
Contact us
 for advertising inquiries and rates.

[No items of interest noted today.]  

  1. Ex/Im Items Scheduled for Publication in Future Federal Register Editions
  2. Commerce/BIS: (No new postings.)
  3. DHS/CBP Postpones 8 Jul ACE Deployment
  4. State/DDTC: (No new postings.)
  5. Treasury/OFAC: “American International Group, Inc. Settles Potential Liability for Apparent Violations of Multiple Sanctions Programs”
  1. iPolitics: “Canada Removes Restrictions on Exporting to Belarus”
  1. J. Reeves & T. Ficaretta: “U.S. Government Expands Ukraine Sanctions to Include Russian Firearms Manufacturer”
  2. M. Volkov: “Working in a “Happy Talk” Corporate Culture”
  3. R.L. Cassin: “London Banker Jailed for Taking Bribes from U.S. Consultant”
  4. R.C. Burns: “Vladimir Wants to See Your Source Code”
  1. Bartlett’s Unfamiliar Quotations 
  2. Are Your Copies of Regulations Up to Date? Latest Changes: ATF (15 Jan 2016), Customs (27 Jan 2017), DOD/NISPOM (18 May 2016), EAR (22 Jun 2017), FACR/OFAC (16 Jun 2017), FTR (19 Apr 2017), HTSUS (26 Apr 2017), ITAR (11 Jan 2017) 
  3. Weekly Highlights of the Daily Bugle Top Stories 

EXIMEX/IM ITEMS FROM TODAY’S FEDERAL REGISTER

* * * * * * * * * * * * * * * * * * * * 

OGS
OTHER GOVERNMENT SOURCES

OGS_a11. Ex/Im Items Scheduled for Publication in Future Federal Register Editions

(Source: Federal Register)


* Defense; NOTICES; Agency Information Collection Activities; Proposals, Submissions, and Approvals: Department 
of Defense 
Contract 
Security Classification 
Specification [Publication Date: 28 June 2017.] 

* * * * * * * * * * * * * * * * * * * *

OGS_a22. Commerce/BIS: (No new postings.)

(Source:
Commerce/BIS
)

* * * * * * * * * * * * * * * * * * * *

OGS_a33. DHS/CBP Postpones 8 Jul ACE Deployment

(Source: CSMS #17-000375, 27 Jun 2017.)
 
CBP is rescheduling the last primary deployment of core trade processing capabilities in ACE which had been scheduled for July 8, 2017. This deployment includes liquidation (with the exception of the previously deployed electronic posting of the Notices of Liquidation on CBP.gov), reconciliation, drawback, duty deferral, collections and the Automated Surety Interface (ASI).
 
We have been conducting ongoing, rigorous testing to ensure these capabilities will operate successfully. Our latest efforts have revealed areas specific to collections that are in need of further testing before these capabilities can be deployed. Consequently, we are postponing the July 8, 2017 deployment, and are in the process of replanning. We will communicate further information as soon as possible.
 
The rescheduled deployment date will be published in a Federal Register Notice at least 30 days in advance of the actual deployment/mandatory transition.
 
  – Related CSMS No. 17-000334

* * * * * * * * * * * * * * * * * * * *

OGS_a44
. State/DDTC: (No new postings.)

(Source: State/DDTC)

* * * * * * * * * * * * * * * * * * * *

OGS_a55
. Treasury/OFAC: “American International Group, Inc. Settles Potential Liability for Apparent Violations of Multiple Sanctions Programs”

(Source: Treasury/OFAC)
 
American International Group, Inc. (AIG) of New York, NY, an international insurance and financial services organization incorporated in Delaware and headquartered in New York, has agreed to remit $148,698 to settle its potential civil liability for 555 apparent violations of the following OFAC sanctions programs: the Iranian Transactions and Sanctions Regulations, 31 C.F.R. Part 560 (ITSR); the Weapons of Mass Destruction Proliferators Sanctions Regulations, 31 C.F.R. Part 544 (WMDPSR); the Sudanese Sanctions Regulations, 31 C.F.R. Part 538 (SSR); and the Cuban Assets Control Regulations, 31 C.F.R. Part 515 (CACR), (collectively, the “Apparent Violations”).

OFAC has determined that AIG did voluntarily self-disclose the Apparent Violations, and that the Apparent Violations constitute a non-egregious case. The total base penalty amount for the apparent violations was $198,266.
 
From on or about 20 November 2007, to on or about 3 September 2012, AIG engaged in a total of 555 transactions totaling approximately $396,530 in premiums and claims for the insurance of maritime shipments of various goods and materials destined for, or that transited through, Iran, Sudan, or Cuba, and/or that involved a blocked person. While most of the Apparent Violations occurred under global insurance policies, dozens of apparent violations occurred under single shipment policies. 
     OFAC identified 455 apparent violations totaling $274,463.64 in which AIG extended insurance coverage to parties that were engaging in a voyage, shipment, or transshipment to, from, or through Iran, and/or accepted premium payments or paid claims arising from that insurance coverage, in apparent violation of § 560.204 of ITSR. In addition, OFAC identified 38 apparent violations of § 538.205 of the SSR, all of which pertained to global insurance policies that provided insurance coverage for shipments going to or from Sudan, with premiums received totaling $13,321.44. 
     Moreover, OFAC identified 33 apparent violations of § 544.201 of the WMDPSR, all of which involved shipments aboard blocked Islamic Republic of Iran Shipping Lines vessels, with premiums received totaling $105,065.94. Finally, OFAC identified 29 apparent violations of § 515.201 of the CACR, all of which pertained to AIG’s provision of insurance coverage in connection with shipments to or from Cuba, or its processing of premiums or claims arising from this coverage or that involved a Cuban entity, with premiums received totaling $3,679.
 
AIG’s OFAC compliance program in place at the time of the Apparent Violations included recommendations for when to use exclusion clauses in the policies it issued regarding coverage or claims that implicated U.S. economic sanctions. While a majority of the policies were issued with exclusionary clauses, most were too narrow in their scope and application to be effective. In addition, some of the policies were issued without such clauses. Separately, some insureds, mindful of existing exclusionary clauses in their open cargo or worldwide master policies, sought single shipment policies that had no exclusionary clauses.
 
The settlement amount reflects OFAC’s consideration of the following facts and circumstances, pursuant to the General Factors under OFAC’s Economic Sanctions Enforcement Guidelines, 31 C.F.R. Part 501, app. A. The following were considered aggravating factors:
  (1) AIG engaged in a pattern or practice that spanned multiple years in which it issued and maintained insurance policies and processed claims and premium payments in apparent violation of multiple U.S. sanctions programs;
  (2) AIG issued policies and insurance certificates, and/or processed claims and other insurance-related transactions, that conferred economic benefit to sanctioned countries or persons and undermined the policy objectives of several U.S. economic sanctions programs; and
  (3) AIG is a large and commercially sophisticated financial institution.
 
The following were considered mitigating factors:
  (1) AIG has not received a penalty notice or Finding of Violation from OFAC in the five years preceding the earliest date of the transactions giving rise to the Apparent Violations;
  (2) AIG had an OFAC compliance program in place at the time of the Apparent Violations that included, in most instances, the use of sanctions exclusion clauses to try to prevent the company from issuing policies or processing claims that implicated U.S. economic sanctions;
  (3) AIG took remedial action in response to the apparent violations; and
  (4) AIG cooperated with OFAC’s investigation, including by voluntarily self-disclosing the Apparent Violations, submitting detailed and well-organized information to OFAC, and signing tolling agreements that tolled the statute of limitations.
 
This enforcement action highlights the important role that properly executed exclusionary clauses and robust compliance controls play in the global insurance industry’s efforts to comply with U.S. economic sanctions programs. As outlined in OFAC’s Frequently Asked Questions regarding Compliance for the Insurance Industry, the best and most reliable approach for insuring global risks without violating U.S. sanctions law is to insert in global insurance policies an explicit exclusion for risks that would violate U.S. sanctions laws.
 
For more information regarding OFAC regulations, please visit: http://www.treasury.gov/ofac.

* * * * * * * * * * * * * * * * * * * *

NWSNEWS

NWS_a16. iPolitics: “Canada Removes Restrictions on Exporting to Belarus”

(Source:
iPolitics. Subscription required.) [Excerpts.]
 
The federal government has removed Belarus from its Area Control List (ACL), easing restrictions on Canadian exporters that have been in place since 2006.
 
In a recently posted Order in Council, which takes effect July 12, Belarus is removed from the ACL – on the recommendation of the minister of foreign affairs.
  “Exporters of items that are not listed on Canada’s Export Control List (ECL) will no longer require an export permit under the Export and Import Permits Act in order to lawfully export those items to Belarus,” the order reads. 
. . . .
* * * * * * * * * * * * * * * * * * * *

COMMCOMMENTARY

(Source: R/D Alert)

 
* Authors: Johanna Reeves, Esq., jreeves@reevesdola.com; and Teresa Ficaretta, Esq., tficaretta@reevesdola.com. Both of Reeves & Dola LLP.
 
On June 20, 2017, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced expansion of sanctions imposed on persons and entities in Russia pursuant to Executive Orders President Obama issued in 2014. The 2014 sanctions were imposed because the Obama Administration determined the designated persons were contributing to the situation in Ukraine. Readers may recall that the 2014 sanctions named Kalashnikov Concern as one of the Specially Designated Nationals subject to the sanctions. Now, OFAC has added Molot-Oruzhie, OOO, to the list of sanctioned entities, stating that Kalashnikov Concern used the company to falsify invoices in order to circumvent U.S. and European Union sanctions. Molot-Oruzhie is a manufacturer of firearms and accessories, including the VEPR rifle.

Subsequent to the OFAC announcement, the Department of Commerce’s Bureau of Industry and Security (BIS) published a notice in the June 22, 2017 Federal Register adding ten entities to the Entity List, including Molot-Oruzhie, OOO. The BIS is consistent with the OFAC press release and indicates the sanctions imposed on Molot-Oruzhie are imposed in accordance with Executive Order 13661. E.O. 13661 authorizes sanctions on any individual or entity that has been determined by the Secretary of the Treasury, in consultation with the Secretary of State, to be owned or controlled by, or that has provided material or other support to, persons operating in the arms or related materiel section in the Russian Federation and officials of the Government of the Russian Federation.

The impact of naming Molot-Oruzhie, OOO as a sanctioned entity is the blocking of any property or interest in property of Molot-Oruzhie, OOO, in the possession or control of U.S. persons or within the U.S. Transactions by U.S. persons involving Molot-Oruzhie, OOO are generally prohibited.

DESIGNATION OF MOLOT-ORUZHIE, OOO
 
The Department of Commerce Federal Register notice of new companies on the Entity List includes the following entry:
 
(5) Molot-Oruzhie, OOO, a.k.a., the following one alias:
–Obshchestvo S Ogranichennoi Otvetstvennostyu ‘Molot-Oruzhie’ (f.k.a., Obshchestvo S Ogranichennoi Otvetstvennostu Proizvodstvenno Instrument Kachestvo), 135 ul. Lenina, Vyatskie Polyany, Kirov Obl. 612960, Russia;:

The OFAC list of Specially Designated Nationals includes the following entry:

MOLOT-ORUZHIE, OOO (a.k.a. OBSHCHESTVO S OGRANICHENNOI OTVETSTVENNOSTYU ‘MOLOT-ORUZHIE’; f.k.a. OBSHCHESTVO S OGRANICHENNOI OTVETSTVENNOSTYU PROIZVODSTVENNO
INSTRUMENT KACHESTVO), 135 ul. Lenina, Vyatskie Polyany, Kirov Obl. 612960, Russia; Registration ID 1094307000633 (Russia); Tax ID No. 4307012765 (Russia); Government Gazette Number 60615883 (Russia) [UKRAINE-EO13661] (Linked To: KALASHNIKOV CONCERN).

WHAT IS A SPECIALLY DESIGNATED NATIONAL (SDN)?
 
SDNs include individuals and entities located anywhere in the world that are owned or controlled by, or that act for or on behalf of the government of a sanctioned country. SDNs also include certain individuals and entities designated as terrorists and narcotics traffickers under sanctions programs that are not country-specific. All property and interests in property of a SDN that comes under U.S. jurisdiction is blocked or frozen. Blocking immediately imposes an across-the-board prohibition against transfers or transactions of any kind involving the property. When a corporation, including a bank, blocks a prohibited payment, it must report the action to OFAC within 10 days.
 
OFAC JURISDICTION AND PENALTIES
 
OFAC has sweeping jurisdiction over U.S. persons and other persons subject to U.S. jurisdiction. This includes U.S. citizens and permanent resident aliens (“green card” holders) whether in the U.S. or abroad, companies organized and formed under U.S. law, and any individual or organization physically located in the U.S. at the time of the activity, regardless of nationality. In addition to these controls, OFAC sanctions also prohibit facilitation of foreign trade with targets of U.S. sanctions. This prevents U.S. persons from undermining sanctions through indirect support and applies to approving, financing, guaranteeing, or otherwise assisting foreign trade with a sanctioned target, changing policies or procedures to permit foreign affiliates to engage in activities with a sanctioned target that previously required U.S. approval, and referring declined business opportunities to a foreign party.

Penalties for violating OFAC sanctions are substantial. Pursuant to the International Emergency Economic Powers Act (IEEPA), the statute authorizing the Ukraine sanctions, any person who causes a violation of the sanctions may be held liable for civil and criminal penalties. Civil penalties may be up to $250,000 per violation or twice the transaction value, whichever is greater. Criminal penalties may be up to $1 million per violation or twice the transaction value, which is greater, in addition to up to 20 years imprisonment. OFAC violations may also lead to denial or debarment of export privileges under the International Traffic in Arms Regulations.
It is also important to note that OFAC violations are subject to strict liability. This means that OFAC must prove only that a violation occurred to impose a penalty. There is no requirement that OFAC prove the U.S. person intentionally or knowingly violated the sanctions.
 
ADDITIONAL GUIDANCE FROM OFAC
 
OFAC defines property in broad terms to include anything of value. This includes money, checks, drafts, debts, obligations, notes, warehouse receipts, bills of sale, evidence of title, negotiable instruments, trade acceptance, goods, wares, merchandise, and anything else real, personal or mixed, intellectual property and intangible assets. The term “property interest” is defined as any interest whatsoever, direct or indirect. OFAC publishes an industry brochure titled “OFAC Regulations for Exporters and Importers” with additional guidance.
 
IMPACT OF MOLOT-ORUZHIE SANCTIONS
 
Neither OFAC nor the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) have provided specific guidance on the designation of Molot-Oruzhie, OOO as a SDN. We have requested guidance and will supplement this Alert when it is received.

Given OFAC’s linking of Molot-Oruzhie with Kalashnikov Concern, it is likely the sanctions will be consistent with those imposed on Kalashnikov in 2014. In this regard, OFAC published two questions and answers providing guidance on the Kalashnikov sanctions which we reprint below:
 
374. If I own a Kalashnikov product, is that product blocked by sanctions? Am I able to resell a Kalashnikov product at a gun show or other secondary market?
 
If a U.S. person is in possession of a Kalashnikov Concern product that was bought and fully paid for prior to the date of designation (i.e., no payment remains due to Kalashnikov Concern), then that product is not blocked and OFAC sanctions would not prohibit the U.S. person from keeping or selling the product in the secondary market, so long as Kalashnikov Concern has no interest in the transaction. New transactions by U.S. persons with Kalashnikov Concern are prohibited, however, and any property in which Kalashnikov Concern has an interest is blocked pursuant to OFAC’s designation of Kalashnikov Concern on July 16, 2014. If a U.S. person has an inventory of Kalashnikov Concern products in which Kalashnikov Concern has an interest (for example, the products are not fully paid for or are being sold on consignment), we advise that U.S. person to contact OFAC for further guidance on handling of the inventory. [7-16-2014]
 
375. If I have Kalashnikov products in my inventory, can I sell them?
 
If a U.S. person has an inventory of Kalashnikov Concern products in which Kalashnikov Concern has an interest (for example, the products are not fully paid for or are being sold on consignment), we advise that U.S. person to contact OFAC for further guidance on handling of the inventory. [7-16-2014]
 
Based on this OFAC guidance, the impact of the sanctions on firearms importers and dealers should be consistent with that of the Kalashnikov sanctions:
 
  (1) Firearms in inventory. According to the OFAC guidance above, if Molot-Oruzhie has no interest in the firearms, then importers and dealers with Molot-Oruzhie firearms in inventory may continue to dispose of them. In other words, if there is no payment due to Molot-Oruzhie for the firearm, then the product is not blocked and U.S. persons may lawfully sell the product. Conversely, firearms for which importers and dealers owe Molot-Oruzhie money are blocked and may not lawfully be transferred. Importers and dealers in this situation should contact OFAC and legal counsel for guidance.
  (2) New contracts for purchase of Molot-Oruzhie firearms. Question #374 makes it clear that U.S. persons are prohibited from negotiating new contracts for the purchase of Molot-Oruzhie firearms after the sanctions were announced on June 20, 2017. Importers or dealers who have already entered into such contracts should contact OFAC and legal counsel for guidance.
  (3) Firearms on order or in the process of shipment or delivery. OFAC guidance is unclear on the impact of the sanctions on firearms ordered from Molot-Oruzhie or a third party not yet within the U.S. Potential impact likely will depend on whether Molot-Oruzhie has an interest in the firearms (e.g., whether any payment is still due to Molot-Oruzhie). Importers or dealers in this situation should contact OFAC and legal counsel for guidance.
 
AUTHORITY UNDER THE ARMS EXPORT CONTROL ACT
 
The President has broad authority under the Arms Export Control Act (AECA) to impose restrictions, including embargoes, on the importation of firearms into the United States. Although VEPR rifles manufactured by Molot-Oruzhie are specifically authorized for importation from Russia (see 27 C.F.R. § 447.52(b)(1)(i)(BB)), the President could impose an embargo on the importation of firearms manufactured by Molot-Oruzhie to implement the OFAC sanctions. This was the course of action taken by the Administration in 2014 to implement the sanctions on Kalashnikov Concern. On August 13, 2014, ATF announced suspension of import permits involving Kalashnikov Concern based on guidance the agency received from the Department of State. ATF posted questions and answers on the suspension on its website, which can be accessed here.

* * * * * * * * * * * * * * * * * * * *

COMM_a28. M. Volkov: “Working in a “Happy Talk” Corporate Culture”

(Source: Volkov Law Group Blog. Reprinted by permission.)
 
* Author: Michael Volkov, Esq., Volkov Law Group, mvolkov@volkovlaw.com, 240-505-1992.
 
* Honesty is the best policy – when there is money in it.
  —
Mark Twain
 
Compliance professionals encounter a diverse range of corporate personalities in their work. To be sure, compliance officers have to rely on their abilities to analyze, lead, persuade, understand and motivate different functions in a company to contribute to the company’s ethics and compliance function. In doing so, compliance officers have to develop important psychological skills, i.e., reading and understanding what colleagues really mean when speaking to each other.
 
I do not mean to suggest that professionals are dishonest with each other in the business world. But there is a different line between acceptable and unacceptable that is drawn differently in a variety of organizations.
 
For example, in a company with a weak ethical culture that is operating along the edge of legality in order to increase quarterly financial results, a compliance professional has to be careful not to “alarm” colleagues as to his/her ethics and compliance intentions. In other words, a compliance officer has to avoid being perceived as someone who could “rock the boat.” In this situation, the company’s culture is ruled by business and financial needs and ethics and compliance will play only a secondary role in the overall operation of the company.
 
A more common scenario occurs when a compliance professional works in a company where the CEO has created a “happy talk” culture, where everyone speaks positively to each other, risks are glossed over, and where the company believes that it will always be financially successful. The company does not directly acknowledge nor address significant issues, but blithely creates an environment where one or a small number of individuals without full consideration and analysis of alternatives may handle issues. Others at the company adhere to “happy talk,” encouraging each other, providing positive statements that reinforce each other and the overall culture (to the extent there is a real one), and ignoring real and substantive challenges facing the company.
 
The CEO and the senior management team have a responsibility to identify potential issues, analyze them and address them, or empower others to do the same. When a CEO operates as a figurehead and not as a leader, a company’s overall performance is at risk. I have observed these situations on a n umber of occasions. For compliance officers, such an environment is challenging.
 
A compliance officer working in a “happy talk” environment may be initially duped into believing the CEO and senior managers’ statements of commitment to ethics and compliance. In fact, such “happy talk” may encourage a CCO to act, plan and implement significant compliance initiatives.
 
Unfortunately, the CCO relying on “happy talk” statements will quickly find out that such statements are empty promises and words when the CCO seeks to implement changes and/or seek resources (people and money) to build an effective ethics and compliance program.
 
All to often, a CCO is encouraged by a CEO and senior managers to move forward on compliance requirements, to present alternative proposals, to develop support within the organization, and then to ultimately fail to secure approval and necessary resources to implement the proposal. Inevitably, the CCO seeks explanations from each of the so-called “allies” and they each point a finger at each other, directing the CCO to talk to the other executive to clarify and seek affirmation of support. Round and round the CCO goes until he or she finally realizes that the CEO and the senior executives have spun the CCO.
 
This is not a far-fetched scenario. I have observed this precise occurrence on a number of occasions. Once the CCO realizes what is occurring, the CCO starts to polish his/her CV and looking for an escape route to another company compliance position.
 
It is sad but true – the corporate governance world is filled with examples of companies that do not follow honesty as the best policy. If only such a maxim were more common.

* * * * * * * * * * * * * * * * * * * *

COMM_a39. R.L. Cassin: “London Banker Jailed for Taking Bribes from U.S. Consultant”

(Source: FCPA Blog)
 
* Author: Richard L. Cassin, publisher and editor FCPA Blog. Contact Mr. Cassin through here.
 
A UK court sentenced a former banker at the European Bank for Reconstruction and Development to six years in prison for taking $3.5 million in bribes from a Pennsylvania-based consultant.  
Andrey Ryjenko, a dual UK and Russian citizen, was convicted by a jury at London’s Old Bailey of a bribery conspiracy.
 
At the London-based development bank, Ryjenko reviewed applications for loans and investments submitted by eastern European oil, gas and mining firms.  
Between July 2008 and November 2009, he agreed to take 50 percent of the commissions the Pennsylvania consultant would earn when the loans were approaved.  
 
The consultant paid paid the money into accounts held by Ryjenko’s sister, Tatjana Sanderson. She was charged but later declared unfit to stand trial.  
In the United States, the DOJ charged the consultant with violating the Foreign Corrupt Practices Act.  
Dmitrij Harder, a Russian national living in Huntingdon Valley, Pennsylvania,
pleaded guilty
in 2016 to two counts of violating the FCPA. He appeared in federal court in Philadelphia.
 
Harder, a U.S. legal permanent resident, owned Chestnut Consulting Group Inc.
 
In return for $3.5 million in bribes to Ryjenko, one of Chestnut’s clients won approval for an EBRD investment of $85 million and a €90 million ($100 million) loan.  
Another client secured a $40 million EBRD investment and a $60 million convertible loan.  
Harder and Chestnut earned about $8 million in “success fees” from the EBRD’s approval of the two applications.  
Harder is scheduled to be sentenced on July 18 by Judge Paul Diamond. He faces up to ten years in prison.
 
In the FCPA, the term “foreign official” means any officer or employee of a foreign government or any department, agency, or instrumentality thereof, or of a public international organization . . . ” (15 U.S.C. § 78dd-2(h)(2)(A))
 
The DOJ said the EBRD was a public international organization and Ryjenko was a “foreign official.” Harder argued the point in court but lost a motion to dismiss. 
The DOJ
said
in 2016 it had help in the case from the City of London Police and from authorities in Germany, Jersey, and Guernsey.
 
The UK Crown Prosecution Service charged Ryjenko and his sister in 2012.  
Ryjenko was also convicted of money laundering and sentenced to two years in prison, which will run concurrently.

* * * * * * * * * * * * * * * * * * * *

COMM_a410. R.C. Burns: “
Vladimir Wants to See Your Source Code

(Source:
Export Law Blog
. Reprinted by permission.)
 
* Author: R. Clifton Burns, Esq., Bryan Cave LLP,
Clif.Burns@bryancave.com
, 202-508-6067.
 
According to this Reuters report, the Russians are demanding from U.S. companies the right to view source code of software that these companies wish to sell in Russia. The software at issue includes software with encryption capabilities, anti-virus software and firewalls. You don’t have to be a rocket (or computer) scientist to figure out why Vladimir and his spy master buddies want to look at such software. They are looking for vulnerabilities that would allow the Russians to continue to hack into U.S. networks and infrastructure. Surprisingly, Reuters suggests that some big names in U.S. software are actually complying.
 
That’s surprising because, as many readers probably know, handing over the source code of programs with encryption functionality to the Russian government requires a license from the Bureau of Industry and Security (“BIS”). Normally, I would expect BIS, at least for the moment, to grant such a license when hell freezes over or, as Vladimir himself might say, когда рак на горе свистнет (“when crawfish whistle in the mountains.”)
 
Here’s why a license is necessary. First, keep in mind that BIS controls the export of software with encryption functionality. This includes software that does not contain any encryption algorithms but calls those algorithms from an external source to perform the actual encryption. Although the language of the EAR is far from making it clear, BIS makes it quite clear here on its website:
 
Almost all items controlled under Category 5, Part 2 of the EAR are controlled because they include encryption functionality. Items may be controlled as encryption items even if the encryption is actually performed by the operating system, an external library, a third-party product or a cryptographic processor. If an item uses encryption functionality, whether or not the code that performs the encryption is included with the item, then BIS evaluates the item based on the encryption functionality it uses.
 
Most programs, in fact, call encryption from the operating system. Some browsers, such as Firefox, incorporate their own encryption, and programs may utilize browser encryption when sending and retrieving date from the Internet. In any event, the vast majority of software has some encryption functionality either by using the operating system or native encryption in certain browsers.
 
Second, source code does not fall under EAR section 740.17(b)(1) and is not eligible for self-classification and export under License Exception ENC. Rather source code that is not publicly available falls under 740.17(b)(2)(i)(B). Items that fall within (b)(2), such as source code, can be exported thirty days after the filing of a classification report to “non-‘government end users’ located or headquartered in a country not listed in supplement no. 3.” See Section 740.17(b)(2)(i). As a result, license exception ENC does not authorize exports to government end-users outside Supplement 3 countries. As Russia is not a Supplement 3 country, a license is required to provide source code with encryption functionality to the government of Russia.
 
I have no way of knowing whether the U.S. companies that have let Vlad peek at their source code bothered with, or even knew of the requirement for, licenses.   And although not so long ago, BIS would probably have said “nyet” to any such license request, it is altogether possible that BIS is now saying “da” instead.   In any event, companies should think long and hard before spilling their source code for software with encryption functionality to the Russkis without getting a license from BIS first.
 
[Editor’s Note: the Reuters report was included in the Daily Bugle of Friday, 23 June 2017, item #11.]

* * * * * * * * * * * * * * * * * * * *

ENEDITOR’S NOTES

* * * * * * * * * * * * * * * * * * * *

EN_a212
. Are Your Copies of Regulations Up to Date?
(Source: Editor)

The official versions of the following regulations are published annually in the U.S. Code of Federal Regulations (C.F.R.), but are updated as amended in the Federal Register.  Changes to applicable regulations are listed below.
 
*
ATF ARMS IMPORT REGULATIONS
: 27 CFR Part 447-Importation of Arms, Ammunition, and Implements of War
  – Last Amendment: 15 Jan 2016: 81 FR 2657-2723: Machineguns, Destructive Devices and Certain Other Firearms; Background Checks for Responsible Persons of a Trust or Legal Entity With Respect To Making or Transferring a Firearm 
 
*
CUSTOMS REGULATIONS
: 19 CFR, Ch. 1, Pts. 0-199
  – Last Amendment: 27 Jan 2017: 82 FR 8589-8590: Delay of Effective Date for Importations of Certain Vehicles and Engines Subject to Federal Antipollution Emission Standards [New effective date: 21 March 2017.]; and 82 FR 8590: Delay of Effective Date for Toxic Substance Control Act Chemical Substance Import Certification Process Revisions [New effective date: 21 March 2017.]

* DOD NATIONAL INDUSTRIAL SECURITY PROGRAM OPERATING MANUAL (NISPOM): DoD 5220.22-M
  – Last Amendment: 18 May 2016: Change 2: Implement an insider threat program; reporting requirements for Cleared Defense Contractors; alignment with Federal standards for classified information systems; incorporated and canceled Supp. 1 to the NISPOM  (Summary here.)

* EXPORT ADMINISTRATION REGULATIONS (EAR): 15 CFR Subtit. B, Ch. VII, Pts. 730-774 
  – Last Amendment:
22 Jun 2017: 82 FR 28405-28410: Russian Sanctions: Addition of Certain Entities to the Entity List

  
*
FOREIGN ASSETS CONTROL REGULATIONS (OFAC FACR)
: 31 CFR, Parts 500-599, Embargoes, Sanctions, Executive Orders
  –  Last Amendment: 16 Jun 2017: 82 FR 27613-27614: Removal of Burmese Sanctions Regulations
 
*
FOREIGN TRADE REGULATIONS (FTR)
: 15 CFR Part 30
  – Last Amendment: 19 Apr 2017: 82 FR 18383-18393: Foreign Trade Regulations: Clarification on Filing Requirements 
  – HTS codes that are not valid for AES are available
here.
  – The latest edition (19 Apr 2017) of Bartlett’s Annotated FTR (“BAFTR”), by James E. Bartlett III, is available for downloading in Word format. The BAFTR contains all FTR amendments, FTR Letters and Notices, a large Index, and footnotes containing case annotations, practice tips, and Census/AES guidance.  Subscribers receive revised copies every time the FTR is amended. The BAFTR is available by annual subscription from the Full Circle Compliance website.  BITAR subscribers are entitled to a 25% discount on subscriptions to the BAFTR.
 
*
HARMONIZED TARIFF SCHEDULE OF THE UNITED STATES (HTS, HTSA or HTSUSA)
, 1 Jan 2017: 19 USC 1202 Annex. (“HTS” and “HTSA” are often seen as abbreviations for the Harmonized Tariff Schedule of the United States Annotated, shortened versions of “HTSUSA”.)

  – Last Amendment: 26 Apr 2017: Harmonized System Update 1703, containing 2,512 ABI records and 395 harmonized tariff records.

  – HTS codes for AES are available
here
.
  – HTS codes that are not valid for AES are available
here.
 
INTERNATIONAL TRAFFIC IN ARMS REGULATIONS (ITAR): 22 C.F.R. Ch. I, Subch. M, Pts. 120-130.
  – Latest Amendment: 11 Jan 2017: 82 FR 3168-3170: 2017 Civil Monetary Penalties Inflationary Adjustment
  – The only available fully updated copy (latest edition 10 Jun 2017) of the ITAR with all amendments is contained in Bartlett’s Annotated ITAR (“BITAR”), by James E. Bartlett III.  The BITAR contains all ITAR amendments to date, plus a large Index, over 800 footnotes containing amendment histories, case annotations, practice tips, DDTC guidance, and explanations of errors in the official ITAR text.  Subscribers receive updated copies of the BITAR in Word by email, usually revised within 24 hours after every ITAR amendment.  The BITAR is available by annual subscription from the Full Circle Compliance
website
.  BAFTR subscribers receive a 25% discount on subscriptions to the BITAR, please
contact us

to receive your discount code. 

* * * * * * * * * * * * * * * * * * * *

EN_a313
. Weekly Highlights of the Daily Bugle Top Stories
(Source: Editors)

Review last week’s top Ex/Im stories in “Weekly Highlights of the Daily Bugle Top Stories” published 
here
. 

* * * * * * * * * * * * * * * * * * * *

EPEDITORIAL POLICY

* The Ex/Im Daily Update is a publication of FCC Advisory B.V., edited by James E. Bartlett III and Alexander Bosch, and emailed every business day to approximately 8,000 subscribers to inform readers of changes to defense and high-tech trade laws and regulations. We check the following sources daily: Federal Register, Congressional Record, Commerce/AES, Commerce/BIS, DHS/CBP, DOJ/ATF, DoD/DSS, DoD/DTSA, State/DDTC, Treasury/OFAC, White House, and similar websites of Australia, Canada, U.K., and other countries and international organizations.  Due to space limitations, we do not post Arms Sales notifications, Denied Party listings, or Customs AD/CVD items.

* RIGHTS & RESTRICTIONS: This email contains no proprietary, classified, or export-controlled information. All items are obtained from public sources or are published with permission of private contributors, and may be freely circulated without further permission. Any further use of contributors’ material, however, must comply with applicable copyright laws.

* CAVEAT: The contents cannot be relied upon as legal or expert advice.  Consult your own legal counsel or compliance specialists before taking actions based upon news items or opinions from this or other unofficial sources.  If any U.S. federal tax issue is discussed in this communication, it was not intended or written by the author or sender for tax or legal advice, and cannot be used for the purpose of avoiding penalties under the Internal Revenue Code or promoting, marketing, or recommending to another party any transaction or tax-related matter.

* SUBSCRIPTIONS: Subscriptions are free.  Subscribe by completing the request form on the Full Circle Compliance website.

* TO UNSUBSCRIBE: Use the Safe Unsubscribe link below.

Scroll to Top